<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Admin-Login</title>
<link type="text/css" rel="stylesheet" href="styles/adminbantin.css" />
</head>

<body>
<div class="header">
	<div id="logo"><a href="javascript:;"><img src="images/logo.png" class="png" /></a></div>
</div>

<div class="mainlogin">
	<div class="bgform">
    	<div class="bgform_in">
        	<h1 class="png">Login form</h1>
            <div class="error" style="width:96%; margin-left:5px; display:inline;"><h2>Sai ten dang nhap hoac password</h2></div>
            <div class="bglogin">
            <form method="post" action="">
            	<ul>
                	<li><input type="text" name="username" value="" class="text" /></li>
                    <li><input type="password" name="password" value="" class="text" /></li>
                    <li>
                    	<span class="left" style="padding-top:5px;"><input type="checkbox" name="" value="" style="border:0; padding:0; margin:0;" />Remember me</span>
                        <span class="right"><input type="submit" name="" value="" class="btnlogin png" /></span>
                    </li>
                    <li class="end">
                    	<span class="left"><a href="#">Trang chủ</a></span>
                        <span class="right"><a href="#">Quên mật khẩu ?</a></span>
                    </li>
                </ul>
            </form>    
            </div>
        </div>
    </div>
</div>
<?php 
if($_SERVER['REQUEST_METHOD'] == 'POST'){
	include('../mysql.php');
	$q	=	mysql_query("SELECT * FROM `thanhvien` WHERE `t_user`='".$_POST['username']."' AND `t_pass`='".md5($_POST['password'])."' AND `t_hoat_dong`=1 AND `t_level`=1");
	$num	=	mysql_num_rows($q);
	$row	=	mysql_fetch_array($q);
	if($num == 1){
		session_start(); 
		$_SESSION['_user']['username']		=	$row['t_user'];
		$_SESSION['_user']['id']			=	$row['t_id'];
		$_SESSION['_user']['level']			=	$row['t_level'];
		$_SESSION['_user']['password']		=	md5($_POST['password']);
		echo "<script>location.href='index.php'</script>";
	}
	
}
?>

</body>
</html>